Skip to content

G
golang
Commit c05c3a9d authored by Scott Lawrence's avatar Scott Lawrence Committed by Nigel Tao
Browse files
Options

html/template: make doctype check case-insensitive 

Fixes #3094.

R=golang-dev, rsc, nigeltao
CC=golang-dev
https://golang.org/cl/5687065
parent 19bab1dc
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 1 deletion
src/pkg/html/template/escape.go
View file @ c05c3a9d
......@@ -593,7 +593,7 @@ func (e *escaper) escapeText(c context, n *parse.TextNode) context {
}
}
for j := i; j < end; j++ {
if s[j] == '<' && !bytes.HasPrefix(s[j:], doctypeBytes) {
if s[j] == '<' && !bytes.HasPrefix(bytes.ToUpper(s[j:]), doctypeBytes) {
b.Write(s[written:j])
b.WriteString("&lt;")
written = j + 1
......
src/pkg/html/template/escape_test.go
View file @ c05c3a9d
......@@ -431,6 +431,11 @@ func TestEscape(t *testing.T) {
"<!DOCTYPE html>Hello, World!",
"<!DOCTYPE html>Hello, World!",
},
{
"HTML doctype not case-insensitive",
"<!doCtYPE htMl>Hello, World!",
"<!doCtYPE htMl>Hello, World!",
},
{
"No doctype injection",
`<!{{"DOCTYPE"}}`,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment